Skip to content

Commit

Permalink
Create a workflow for manual releases
Browse files Browse the repository at this point in the history
  • Loading branch information
@ifrost
ifrost committed Feb 5, 2025
1 parent 1d9d188 commit e86cca2
Show file tree
Hide file tree
Showing 4 changed files with 126 additions and 104 deletions.
75 changes: 8 additions & 67 deletions .drone.migration.jsonnet
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,62 +21,19 @@ local pipeline(name, steps=[], services=[]) = {
steps: [step('runner identification', ['echo $DRONE_RUNNER_NAME'], 'alpine')] + steps,
trigger+: {
ref+: [
'refs/tags/v*.*.*',
'refs/tags/weekly-f*',
],
},
};

local releaseOnly = {
local weeklyReleaseOnly = {
when: {
ref+: [
'refs/tags/v*.*.*',
'refs/tags/weekly-f*',
],
},
};

local releaseOnly = {
when: {
event: ['tag'],
ref+: [
'refs/tags/v*.*.*',
'refs/tags/weekly-f*',
],
},
};

local releaseOnMainOnly = {
when: {
event: ['tag'],
ref: [
'refs/heads/main',
],
},
};

local nonReleaseOnly = {
when: {
event: {
exclude: ['tag'],
},
},
};


local cronOnly = {
when: {
event: ['cron'],
},
};

local prOnly = {
when: {
event: {
include: ['pull_request'],
},
},
};
// promoteOnly triggers pipelines only on promotion. Various deployment steps
// are tagged with this, so that we can optionally tell Drone to
// deploy to different environments by promoting a build.
Expand Down Expand Up @@ -118,7 +75,7 @@ local uploadStep = function(platform)
from_secret: 'gcs_service_account_key',
},
},
} + releaseOnly;
} + weeklyReleaseOnly;


// NB: Former deployStep() replaced by argo-workflows api call using argo-cli container
Expand Down Expand Up @@ -188,7 +145,7 @@ local generateTagsStep(depends_on=[]) = step('generate tags', [
depends_on: [
'build frontend packages',
],
} + releaseOnly,
} + weeklyReleaseOnly,

step('publish zip to GCS', [], image='plugins/gcs') + {
depends_on: [
Expand All @@ -202,7 +159,7 @@ local generateTagsStep(depends_on=[]) = step('generate tags', [
from_secret: 'gcs_service_account_key',
},
},
} + releaseOnly,
} + weeklyReleaseOnly,

step('publish zip to GCS with commit SHA', [], image='plugins/gcs') + {
depends_on: [
Expand All @@ -216,7 +173,7 @@ local generateTagsStep(depends_on=[]) = step('generate tags', [
from_secret: 'gcs_service_account_key',
},
},
} + releaseOnly,
} + weeklyReleaseOnly,

step('publish zip to GCS with latest', [], image='plugins/gcs') + {
depends_on: [
Expand All @@ -230,7 +187,7 @@ local generateTagsStep(depends_on=[]) = step('generate tags', [
from_secret: 'gcs_service_account_key',
},
},
} + releaseOnly,
} + weeklyReleaseOnly,

step('publish zip to GCS with tag', [], image='plugins/gcs') + {
depends_on: [
Expand All @@ -245,7 +202,7 @@ local generateTagsStep(depends_on=[]) = step('generate tags', [
from_secret: 'gcs_service_account_key',
},
},
} + releaseOnly,
} + weeklyReleaseOnly,
step('publish release to Github', [], image='plugins/github-release') + {
settings: {
api_key: {
Expand All @@ -258,23 +215,7 @@ local generateTagsStep(depends_on=[]) = step('generate tags', [
'generate tags',
'package and sign',
],
} + releaseOnly,

step('publish to grafana.com', [
'apt update',
'apt install -y curl',
'./scripts/publish-plugin ${DRONE_BUILD_NUMBER} ${DRONE_TAG}',
], image=dockerGrafanaPluginCIImage) + {
environment: {
GCOM_TOKEN: {
from_secret: 'gcom_publish_token',
},
},
depends_on: [
'generate tags',
'package and sign',
],
} + releaseOnMainOnly,
} + weeklyReleaseOnly,
]),

pipeline('weekly deploy ops', [
Expand Down
74 changes: 73 additions & 1 deletion .github/workflows/create-new-version.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,11 +13,21 @@ on:
- minor
- major

# Required to create OIDC/JWT token required to use shared actions
permissions:
contents: read
pull-requests: write
id-token: write

jobs:
create-new-version:
name: Tag new version (with changelog)
# Required to push the tag
permissions:
contents: write
runs-on: ubuntu-latest
outputs:
version: ${{ steps.tag.outputs.version }}
steps:
- uses: tibdex/github-app-token@v1
id: get_installation_token
Expand All @@ -43,13 +53,75 @@ jobs:
run: yarn install --immutable

- name: Create version & update CHANGELOG
id: tag
env:
DB_FE_CI_BOT_EMAIL: ${{ secrets.DB_FE_CI_BOT_EMAIL }}
run: |
git config --global user.email "$DB_FE_CI_BOT_EMAIL"
git config --global user.name "Databases Frontend CI Bot"
git config --global url.https://${{ steps.get_installation_token.outputs.token }}@github.com/.insteadOf https://github.com/
npm version ${{ inputs.version }}
VERSION=$(npm version ${{ inputs.version })
echo "version=${VERSION}" >> $GITHUB_OUTPUT
- name: Push
run: git push origin main --tags

build:
needs: [create-new-version]
uses: grafana/explore-profiles/.github/workflows/build.yml@ifrost/manual-release-workflow
with:
version: ${{ needs.create-new-version.outputs.version }}
ref: ${{ needs.create-new-version.outputs.version }}

package:
needs: [create-new-version, build]
uses: grafana/explore-profiles/.github/workflows/package.yml@ifrost/manual-release-workflow
secrets: inherit
with:
version: ${{ needs.create-new-version.outputs.version }}
github_environment: gcs-no-approval

create-github-release:
needs: [create-new-version, package]
runs-on: ubuntu-latest
steps:
- uses: tibdex/github-app-token@v1
id: get_installation_token
with:
app_id: ${{ secrets.DB_FE_GITHUB_APP_ID }}
installation_id: ${{ secrets.DB_FE_GITHUB_APP_INSTALLATION_ID }}
private_key: ${{ secrets.DB_FE_GITHUB_APP_PRIVATE_KEY }}
- name: Get artifact
uses: actions/download-artifact@v4
with:
name: build-package
path: package
- name: Get changelog
run: awk '/^## / {s++} s == 1 {print}' CHANGELOG.md > release_notes.md
- name: Create Github release
uses: softprops/action-gh-release@c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda # v2.2.1
with:
prerelease: false
generate_release_notes: false
files: package/*
tag_name: ${{ needs.create-new-version.outputs.version }}
token: ${{ steps.get_installation_token.outputs.token }}
body_path: release_notes.md

deploy-to-prod-catalog:
needs: [create-new-version, package]
uses: ./explore-profiles/.github/workflows/deploy-to-catalog.yml
with:
version: ${{ needs.create-new-version.outputs.version }}
environment: prod

deploy-to-cloud:
needs: [create-new-version, package]
uses: ./explore-profiles/.github/workflows/deploy.yml
secrets: inherit
strategy:
matrix:
environment: [dev, ops, prod]
with:
version: ${{ needs.create-new-version.outputs.version }}
environment: ${{ matrix.environment }}
45 changes: 45 additions & 0 deletions .github/workflows/deploy-to-catalog.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
name: Deploy

on:
workflow_call:
inputs:
version:
required: true
type: string
environment:
required: true
type: string
description: dev, ops or prod

jobs:
deploy-to-catalog:
name: Deploy to ${{ inputs.environment }} catalog
runs-on: ubuntu-latest
environment: ${{ inputs.environment }}
steps:
# Required for publishing to catalog to retrieve the name of the repository
- uses: actions/checkout@v4

- name: Login to GCS
id: gcloud
uses: 'google-github-actions/auth@v2'
with:
workload_identity_provider: ${{ secrets.workload_identity_provider }}
service_account: ${{ secrets.service_account }}

- name: Get secrets from Vault
id: get-secrets
uses: grafana/shared-workflows/actions/get-vault-secrets@main
with:
vault_instance: ops
common_secrets: |
GCOM_PUBLISH_TOKEN=plugins/gcom-publish-token:${{ inputs.environment }}
- name: Publish to catalog
uses: grafana/plugin-ci-workflows/actions/plugins/publish/publish@main
with:
zips: '["https://storage.googleapis.com/grafana-pyroscope-app/releases/grafana-pyroscope-app-${{ inputs.version }}.zip"]'
environment: ${{ inputs.environment }}
scopes: universal
gcom-publish-token: ${{ env.GCOM_PUBLISH_TOKEN }}
gcloud-auth-token: ${{ steps.gcloud.outputs.auth_token }}
36 changes: 0 additions & 36 deletions drone_migration.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,10 +38,7 @@
image: node:20-bullseye
name: package and sign
when:
event:
- tag
ref:
- refs/tags/v*.*.*
- refs/tags/weekly-f*
- commands: []
depends_on:
Expand All @@ -55,10 +52,7 @@
token:
from_secret: gcs_service_account_key
when:
event:
- tag
ref:
- refs/tags/v*.*.*
- refs/tags/weekly-f*
- commands: []
depends_on:
Expand All @@ -72,10 +66,7 @@
token:
from_secret: gcs_service_account_key
when:
event:
- tag
ref:
- refs/tags/v*.*.*
- refs/tags/weekly-f*
- commands: []
depends_on:
Expand All @@ -89,10 +80,7 @@
token:
from_secret: gcs_service_account_key
when:
event:
- tag
ref:
- refs/tags/v*.*.*
- refs/tags/weekly-f*
- commands: []
depends_on:
Expand All @@ -107,10 +95,7 @@
token:
from_secret: gcs_service_account_key
when:
event:
- tag
ref:
- refs/tags/v*.*.*
- refs/tags/weekly-f*
- commands: []
depends_on:
Expand All @@ -124,31 +109,10 @@
files: grafana-pyroscope-app-${DRONE_BUILD_NUMBER}.zip
title: ${DRONE_TAG}
when:
event:
- tag
ref:
- refs/tags/v*.*.*
- refs/tags/weekly-f*
- commands:
- apt update
- apt install -y curl
- ./scripts/publish-plugin ${DRONE_BUILD_NUMBER} ${DRONE_TAG}
depends_on:
- generate tags
- package and sign
environment:
GCOM_TOKEN:
from_secret: gcom_publish_token
image: grafana/grafana-plugin-ci-e2e:latest
name: publish to grafana.com
when:
event:
- tag
ref:
- refs/heads/main
trigger:
ref:
- refs/tags/v*.*.*
- refs/tags/weekly-f*
type: docker
- depends_on:
Expand Down

0 comments on commit e86cca2

Please sign in to comment.